Submit

Login Login

Register Register

Home/ Journals/ CMES/ Vol.145, No.3, 2025/ 10.32604/cmes.2025.074178

Table of Content

Open Access iconOpen Access

ARTICLE

A New Dataset for Network Flooding Attacks in SDN-Based IoT Environments

Nader Karmous1, Wadii Jlassi1, Mohamed Ould-Elhassen Aoueileyine1, Imen Filali2,*, Ridha Bouallegue1

1 Innov’COM Laboratory, Higher School of Communication of Tunis, University of Carthage, Technopark Elghazala, Raoued, Ariana, 2083, Tunisia
2 Department of Computer Sciences, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, P.O. Box 84428, Riyadh, 11671, Saudi Arabia

* Corresponding Author: Imen Filali. Email: email

(This article belongs to the Special Issue: Next-Generation Intelligent Networks and Systems: Advances in IoT, Edge Computing, and Secure Cyber-Physical Applications)

Computer Modeling in Engineering & Sciences 2025, 145(3), 4363-4393. https://doi.org/10.32604/cmes.2025.074178

Received 04 October 2025; Accepted 26 November 2025; Issue published 23 December 2025

Abstract

This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments, built upon a novel, synthetic multi-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling. The proposed model is based on the XGBoost algorithm, optimized with Principal Component Analysis for dimensionality reduction, utilizing lightweight flow-level features extracted from OpenFlow statistics to classify attacks across critical IoT protocols including TCP, UDP, HTTP, MQTT, and CoAP. The model employs lightweight flow-level features extracted from OpenFlow statistics to ensure low computational overhead and fast processing. Performance was rigorously evaluated using key metrics, including Accuracy, Precision, Recall, F1-Score, False Alarm Rate, AUC-ROC, and Detection Time. Experimental results demonstrate the model’s high performance, achieving an accuracy of 98.93% and a low FAR of 0.86%, with a rapid median detection time of 1.02 s. This efficiency validates its superiority in meeting critical Key Performance Indicators, such as Latency and high Throughput, necessary for time-sensitive SDN-IoT systems. Furthermore, the model’s robustness and statistically significant outperformance against baseline models such as Random Forest, k-Nearest Neighbors, and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.

Keywords

Cybersecurity; SDN; IoT; ML; AI; dataset; software defined networking; flooding; DDoS; attacks; threat; Wilcoxon

Cite This Article

APA Style
Karmous, N., Jlassi, W., Aoueileyine, M.O., Filali, I., Bouallegue, R. (2025). A New Dataset for Network Flooding Attacks in SDN-Based IoT Environments. Computer Modeling in Engineering & Sciences, 145(3), 4363–4393. https://doi.org/10.32604/cmes.2025.074178
Vancouver Style
Karmous N, Jlassi W, Aoueileyine MO, Filali I, Bouallegue R. A New Dataset for Network Flooding Attacks in SDN-Based IoT Environments. Comput Model Eng Sci. 2025;145(3):4363–4393. https://doi.org/10.32604/cmes.2025.074178
IEEE Style
N. Karmous, W. Jlassi, M. O. Aoueileyine, I. Filali, and R. Bouallegue, “A New Dataset for Network Flooding Attacks in SDN-Based IoT Environments,” Comput. Model. Eng. Sci., vol. 145, no. 3, pp. 4363–4393, 2025. https://doi.org/10.32604/cmes.2025.074178
BibTex EndNote RIS



cc Copyright © 2025 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

  • 581

    View

  • 49

    Download

  • 0

    Like

Related articles

Copyright© 2025 Tech Science Press
© 1997-2025 TSP (Henderson, USA) unless otherwise stated

Share Link